General

  • Target

    160fc950b4179cd5d5a70a0cefbcd3a3_JaffaCakes118

  • Size

    1.1MB

  • Sample

    241005-egyzfatgmq

  • MD5

    160fc950b4179cd5d5a70a0cefbcd3a3

  • SHA1

    a70ca84cbc51c69bfaf7dcf993dd33a4c224b5df

  • SHA256

    5d5e49763be292f090b8e8b4894b979febb04e0d239fd9d27cb4efe4eb526679

  • SHA512

    5b85617a437a9ae871f68c799e02ed5cfd9f6458ef67cbccec0f5a315fb3b3b97d77e0902e5a9221611cb8a77c6cdbbc7965b6c5bb07689bf843d563ea2c7989

  • SSDEEP

    24576:h1OYdaOxOBsFEt5hDG0SAMs9jR/jaJnTJdwY68+UhnWb3aQW:h1OsaOEt5hDG0SAMs9j8nTJ2Y68hWGQW

Targets

    • Target

      160fc950b4179cd5d5a70a0cefbcd3a3_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
